FBI has issued a warning about vulnerabilities in Fortinet after an APT group hacked a local government office. According to ZDnet, the FBI release did not say which government office had been attacked through a Fortigate appliance. The flash alert was issued on Thursday after it discovered that a local government office was attacked through Fortinet vulnerabilities earlier this month.
The release said an “APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a U.S. municipal government.”
“The APT actors likely created an account with the username ‘elie’ to further enable malicious activity on the network,” according to the white flash alert. “As of at least May 2021, an the FBI and the CISA previously warned in April 2021 that APT actors had gained access to devices on ports 4443, 8443, and 10443 for Fortinet FortiOS CVE-2018-13379, and enumerated devices for FortiOS CVE-2020- 12812 and FortiOS CVE-2019-5591,” the FBI said.